Example #1
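 /**
  * Check if a user has a permanent login token. If so, log them in.
  *
  * The token is read from the permanent-login cookie, and the cookie's MAC is
  * verified before the token is looked up.
  *
  * @return false|void false when the cookie fails MAC verification; otherwise nothing is returned
  */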
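 public function checkForPermanentLoginToken()
 {
     // Restores a login from the permanent-login cookie. Layout as parsed below:
     // id|user_id|token|mac, where the token part may itself contain '|'.
     // Returns false when the cookie is rejected before the lookup; in every
     // other case nothing is returned (callers must not rely on a true value).
     if (!\Data::hasCookie(self::PERM_LOGIN_COOKIE_NAME)) {
         return;
     }

     $cookie = \Data::getCookie(self::PERM_LOGIN_COOKIE_NAME);
     // The cookie value is client-controlled: accept only a plain string.
     if (!is_string($cookie)) {
         return false;
     }

     $p = explode('|', $cookie);
     $id = array_shift($p);
     $user_id = array_shift($p);
     $mac = array_pop($p);
     $token = implode('|', $p);
     // Fewer than three fields leaves no MAC to verify.
     if (!is_string($mac)) {
         return false;
     }

     // NOTE(review): the config name suggests this key is also the AES
     // encryption key; a dedicated MAC key would avoid reusing one key for
     // two purposes. Confirm against the configuration.
     $secret = \App::config('AES_KEY256');
     // Fail closed on a missing key: an HMAC keyed with an empty string can be
     // computed by anyone, so it authenticates nothing.
     if (!is_string($secret) || $secret === '') {
         return false;
     }

     // Verify the MAC with the same constant-time helper used for the token
     // below; a plain !== comparison leaks, through timing, how much of a
     // guessed MAC is correct.
     $expected = hash_hmac('sha256', $id . '|' . $user_id . '|' . $token, $secret);
     if (!\Crypt::timingSafeCompare($expected, $mac)) {
         return false;
     }

     // id and user_id are only trusted past this point because the MAC covers them.
     $LoginToken = \App\record\UserLoginToken::find(array('id' => $id, 'user_id' => $user_id), array('id,user_id,token'));
     // NOTE(review): the stored token is compared with the cookie value as-is,
     // which suggests it is kept unhashed in the table; storing only a hash
     // would limit what a database read exposes. Confirm how it is written.
     if ($LoginToken !== false && \Crypt::timingSafeCompare($LoginToken['token'], $token)) {
         \Session::set($this->getSessionKey(), $user_id);
         // New session identifier on privilege change (session-fixation defence).
         \Session::regen();
         $this->user_id = $user_id;
         $this->logged_in = true;
         // Record the use of the token; 'raw' passes NOW() through as SQL.
         $LoginToken['last_accessed_date'] = array('raw' => 'NOW()');
         $LoginToken->update();
     }
 }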